Privacy Policy

Privacy Policy

This Privacy Policy explains how ThinkMindLabs (“we,” “us,” or “our”) collects, uses, stores, and protects information in connection with our AI Voice Stack as a Service platform (Pravakta.ai) and our corporate website.

Effective: 1 January 2025
Last Updated: 1 March 2025
Version 2.1
1

Overview & Scope

ℹ️
Zero-Egress Architecture: When the Pravakta AI Voice Stack (a ThinkMindLabs product) is deployed on your enterprise infrastructure, all call data — recordings, transcripts, and analytics — remains entirely within your environment. ThinkMindLabs does not receive, access, or process that data.

This Privacy Policy governs: (a) our corporate website (pravakta.ai and subdomains);(b) information collected from prospective customers, partners, and website visitors; and(c) data processed during our pre-sales, onboarding, and support activities.

This Policy does not govern data processed by the Pravakta AI Voice Stack deployed on a customer's own infrastructure. That data is subject solely to the customer's own privacy policies and the Data Processing Agreement (“DPA”) executed between ThinkMindLabs and the customer.

2

Information We Collect

2.1 Information You Provide Directly

  • Contact details (name, work email, phone number, job title) when you fill in forms, request a demo, or contact us
  • Company and team information provided during sales and onboarding
  • Communications sent to us by email, chat, or through our web forms
  • Information provided in connection with support requests

2.2 Information Collected Automatically

  • Standard web server logs (IP address, browser type, pages visited, referrer URL, timestamps)
  • Session analytics from privacy-respecting analytics tools (no cross-site tracking)
  • Cookies strictly necessary for website function and session management (see Section 9)

2.3 Information from Third Parties

  • Business contact information from publicly available sources for enterprise outreach
  • Information from authorised resellers and integration partners in the course of a joint customer engagement
We do not purchase or use third-party consumer data brokers. We do not use advertising pixels or sell your personal information to any third party.
3

How We Use Information

We use the information described in Section 2 for the following purposes:

  • To respond to enquiries, schedule demonstrations, and conduct sales discussions
  • To deliver, configure, and support the Pravakta platform (by ThinkMindLabs) for enterprise customers
  • To send relevant technical updates, product announcements, and security advisories (with opt-out available at any time)
  • To comply with applicable legal obligations including tax, audit, and regulatory reporting
  • To detect and prevent fraud, abuse, and security incidents on our website
  • To improve our website and communications based on aggregate, non-identifiable usage patterns
⚠️
We rely on the following lawful bases for processing under applicable data protection laws: Contract (performance of services), Legitimate Interests (sales outreach, security), and Legal Obligation (regulatory compliance). Where we rely on Consent (e.g. marketing emails), you may withdraw it at any time.
4

Data Storage & Residency

ThinkMindLabs' corporate data (website visitor data, prospect information, support communications) is stored on servers located in India and the European Union. We apply appropriate safeguards including Standard Contractual Clauses for any cross-border transfers.

Customer-deployed platform data is stored exclusively on the customer's designated infrastructure. ThinkMindLabs has no access to and does not store any customer call recordings, transcripts, voice agent interaction data, or Co-Pilot analytics.

🏛️
Data Sovereignty Guarantee: No enterprise call data, transcript, or model weight processed by the Pravakta AI Voice Stack is transmitted to, stored at, or accessible by ThinkMindLabs or any third party. This is verified by our regular security audits.
5

Data Sharing & Disclosure

We do not sell, rent, or trade personal information. We may share limited information with:

  • Service providers acting as processors on our behalf (e.g. email delivery, CRM, cloud hosting) — bound by data processing agreements
  • Professional advisors (lawyers, auditors, insurers) under strict confidentiality obligations
  • Regulatory bodies and law enforcement when required by applicable law, court order, or to protect our legal rights
  • A successor entity in the event of a merger, acquisition, or asset sale — with advance notice provided where legally permitted

All third-party service providers are contractually required to process data only for the purposes for which it was shared and to maintain appropriate security standards.

6

Retention & Deletion

We retain personal information only for as long as necessary for the purposes described in this Policy or as required by law:

  • Website visitor logs: 90 days
  • Prospect and lead data: 3 years from last interaction (or upon opt-out request)
  • Customer account data: duration of the contract plus 5 years for audit purposes
  • Support communications: 3 years
  • Legal holds: for the duration of any legal proceedings or regulatory investigation

You may request deletion of your personal information at any time (see Section 7). We will process deletion requests within 30 days, subject to any legal retention obligations.

7

Your Rights

Subject to applicable law, you have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Rectification: Request correction of inaccurate or incomplete data
  • Erasure: Request deletion of your personal information ('right to be forgotten')
  • Restriction: Request that we restrict processing while a dispute is resolved
  • Portability: Receive your data in a structured, machine-readable format
  • Objection: Object to processing based on legitimate interests or for direct marketing
  • Withdrawal of Consent: Withdraw any consent previously given at any time without penalty

To exercise any of these rights, please email privacy@thinkmindlabs.com or use the contact form at the bottom of this page. We will respond within 30 days (extended to 60 days for complex requests with prior notice).

📧
DPA Requests: Enterprise customers seeking a Data Processing Agreement for GDPR, DPDP Act, or HIPAA compliance should contact legal@thinkmindlabs.com. A standard DPA is included with all Scale and Sovereign tier contracts.
8

Children's Privacy

The Pravakta platform and website are directed exclusively at business professionals and enterprise organisations. We do not knowingly collect personal information from individuals under the age of 18. If we become aware that we have collected personal information from a minor, we will delete it promptly.

9

Cookies & Tracking

Our website uses a minimal set of cookies:

  • Strictly Necessary Cookies: Required for website function (session management, security). These cannot be disabled.
  • Analytics Cookies: Privacy-respecting, self-hosted analytics to understand aggregate usage. No cross-site tracking. Opt-out available in browser settings.
  • Preference Cookies: Remember your cookie consent choice.

We do not use advertising cookies, retargeting pixels, or any third-party tracking that would follow you across other websites. You may manage cookie preferences through your browser settings at any time.

10

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, our practices, or the services we offer. When we make material changes, we will:

  • Update the 'Last Updated' date at the top of this Policy
  • Post a notice on our website for at least 30 days
  • Send notice to enterprise customers via the registered contact email on their account

Continued use of our website or platform after the effective date of any changes constitutes acceptance of the revised Policy.

11

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Data Protection Officer:

Data Protection Officer
ThinkMindLabs
Email: dpo@thinkmindlabs.com
Legal enquiries: legal@thinkmindlabs.com
Registered Office: ThinkMindLabs HQ, Gurugram, India

If you are located in the European Union and believe we have not addressed your concerns adequately, you have the right to lodge a complaint with your local data protection supervisory authority.